Creating reports and dashboards | Stimulsoft community forum

Reporting tool and data analytics tools for creating reports and dashboards in ASP.NET, ASP.NET MVC, .NET Core, Blazor, Angular, PHP, Python, WPF, JavaScript, and Java applications.
https://forum.stimulsoft.com/

Prevent Edit of Connection string

https://forum.stimulsoft.com/viewtopic.php?t=63596

Page 1 of 1

Prevent Edit of Connection string

Posted: Fri Oct 17, 2025 8:46 am
by admin@secsol.co.uk
In the report designer it is possible for the end user to edit the data connection string (ODBC) this is obviously a security risk as they can then see the login details etc.

In the web version I can prevent the end user from editing the connection string by doing this :

Code: Select all

 options.Dictionary.PermissionDataConnections = StiDesignerPermissions.View;
I have tried to do the same thing with my Windows program using this code that I found in another thread :

Code: Select all

  SelectedReport.SReport.Dictionary.Restrictions.Add("Cypher1", StiDataType.Database, StiRestrictionTypes.DenyEdit);
  StiOptions.Designer.CodeTabVisible = false;
However, this doesn't prevent the end user from editing the connection string.

How do I achieve the same thing as the web application in making the data connection read only?

Re: Prevent Edit of Connection string

Posted: Fri Oct 17, 2025 3:20 pm
by Max Shamanov
Hello,

Could you please send us a sample project that reproduces the issue?

Thank you.

Re: Prevent Edit of Connection string

Posted: Tue Oct 28, 2025 8:37 am
by admin@secsol.co.uk
It is okay, I have found the problem.

I was setting the Dictionary Restriction before I had added the Cypher1 data source - I have to set it afterwards.

Re: Prevent Edit of Connection string

Posted: Wed Oct 29, 2025 6:00 am
by Max Shamanov
Hello.

Ok.
Let us know if you need our help.

Thank you.

Re: Prevent Edit of Connection string

Posted: Wed Feb 04, 2026 9:59 am
by Evangeline
admin@secsol.co.uk wrote: Fri Oct 17, 2025 8:46 am In the report designer it is possible for the end user to edit the data connection string (ODBC) this is obviously a security risk as they can then see the login details etc.

In the web version I can prevent the end user from editing the connection string by doing this :

Code: Select all

 options.Dictionary.PermissionDataConnections = StiDesignerPermissions.View;
I have tried to do the same thing with my Windows program using this code that I found in another thread :

Code: Select all

  SelectedReport.SReport.Dictionary.Restrictions.Add("Cypher1", StiDataType.Database, StiRestrictionTypes.DenyEdit); 
  StiOptions.Designer.CodeTabVisible = false;
slope
However, this doesn't prevent the end user from editing the connection string.

How do I achieve the same thing as the web application in making the data connection read only?
Why does the approach used in the web version to restrict editing of the data connection string not work in the Windows application, despite using similar permission settings?

Re: Prevent Edit of Connection string

Posted: Wed Feb 04, 2026 7:56 pm
by Lech Kulikowski
Hello,

In the .NET and Web versions, these settings are slightly different.
For the web designer, you should use Permissions:
https://www.stimulsoft.com/en/documenta ... ttings.htm

Thank you.
All times are UTC
Page 1 of 1

Powered by phpBB® Forum Software © phpBB Limited